Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/323430353a633434303a3a2f33322d3332203d3e20313339393732.roa
File:                     323430353a633434303a3a2f33322d3332203d3e20313339393732.roa (raw, json)
Hash identifier:          7B9NMIAt6o2ouwcqf5Q5a326EHxky3KwQZQYJ3mikGI=
Subject key identifier:   7C:77:B4:AC:ED:F8:05:31:4D:9F:A9:92:3E:99:C2:DB:FE:32:52:70
Certificate issuer:       /CN=6969B3009665224541D322068C9E3444C78F90F9
Certificate serial:       025D124689437182715E04161DFAA3374F5243C4
Authority key identifier: 69:69:B3:00:96:65:22:45:41:D3:22:06:8C:9E:34:44:C7:8F:90:F9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/323430353a633434303a3a2f33322d3332203d3e20313339393732.roa
Signing time:             Sat 12 Jul 2025 07:00:00 +0000
ROA not before:           Sat 12 Jul 2025 06:55:00 +0000
ROA not after:            Sat 11 Jul 2026 07:00:00 +0000
asID:                     139972
IP address blocks:        2405:c440::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.crl
                          rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 21:58:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:5d:12:46:89:43:71:82:71:5e:04:16:1d:fa:a3:37:4f:52:43:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6969B3009665224541D322068C9E3444C78F90F9
        Validity
            Not Before: Jul 12 06:55:00 2025 GMT
            Not After : Jul 11 07:00:00 2026 GMT
        Subject: CN=7C77B4ACEDF805314D9FA9923E99C2DBFE325270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:69:f3:63:49:c4:fc:97:21:42:a4:27:bf:47:
                    00:88:5a:f3:29:6e:36:b0:a4:a2:6c:a7:2b:a2:f1:
                    b3:3a:7d:a0:96:1f:be:18:a9:fb:ac:53:0b:7b:98:
                    af:f8:4e:4f:f7:63:5a:79:8f:92:38:c2:e1:6a:71:
                    0f:6a:e1:20:cf:a1:6e:1e:82:ac:08:bc:8d:ca:ba:
                    db:50:98:cf:f3:ca:ce:22:b9:d9:65:de:54:04:4e:
                    95:47:be:0c:81:70:22:cd:00:ec:9d:77:dc:99:54:
                    21:fe:11:fc:52:43:18:3a:d9:cb:48:cf:f8:e9:03:
                    03:33:0b:a9:83:e1:ba:43:9b:1e:fc:cd:1e:ee:44:
                    74:c4:aa:91:a8:f9:92:2f:ff:48:c1:88:6a:f1:b7:
                    5e:1c:11:35:a7:c0:ce:67:f7:37:4f:68:15:39:1a:
                    8a:5a:cf:81:2c:a2:51:5c:bb:d4:f0:d3:c4:a8:ad:
                    76:ac:1b:1b:8a:2d:ef:4c:ff:52:52:e6:22:4a:dc:
                    35:22:8f:d9:c1:ca:a2:43:57:e9:fb:e4:fd:4f:78:
                    cd:99:17:57:73:fa:53:33:f3:02:66:6a:29:dc:44:
                    d0:b9:cf:b3:99:12:7d:f6:bb:a2:e8:fe:08:de:61:
                    cf:9e:cd:dd:3b:02:3e:9d:90:69:fa:a0:19:40:7b:
                    c4:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:77:B4:AC:ED:F8:05:31:4D:9F:A9:92:3E:99:C2:DB:FE:32:52:70
            X509v3 Authority Key Identifier:
                keyid:69:69:B3:00:96:65:22:45:41:D3:22:06:8C:9E:34:44:C7:8F:90:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/323430353a633434303a3a2f33322d3332203d3e20313339393732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:c440::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:6d:7d:9c:1f:18:d1:f0:ad:8b:d5:49:f7:84:6f:f5:e6:05:
         2a:82:97:91:89:d9:88:7e:63:d4:36:d8:02:b4:fc:30:56:c1:
         1d:da:00:93:87:fb:da:e8:55:12:f1:e5:f5:70:36:a9:36:dc:
         43:f4:79:98:c3:59:f0:f9:06:ff:0a:2a:32:8a:e9:9c:9b:70:
         50:b0:40:66:c6:e4:d3:cb:01:84:1e:29:10:7d:9b:0d:04:6c:
         8e:c1:e6:17:e1:83:3b:17:42:39:1c:c4:1a:43:cf:e4:b8:3e:
         6e:6a:cb:bf:05:2f:28:00:43:fa:94:8e:68:b4:55:99:fc:ec:
         30:c5:81:5c:89:9d:76:ad:d1:7a:d8:ac:a8:8b:ce:2d:06:22:
         4b:ff:7d:96:f9:9a:f9:1a:77:d7:c5:55:d0:c7:b4:9f:be:42:
         4d:c6:e2:2c:e4:5a:7b:bc:d6:ff:4b:54:f9:db:ae:79:6b:06:
         56:7b:b4:4c:80:44:d9:4e:5c:b6:17:be:f1:71:e6:42:e6:5d:
         05:c8:3a:36:c1:37:a9:d0:08:5d:51:4b:32:02:be:a8:8b:ed:
         83:0d:48:55:77:9b:3b:79:0c:89:95:42:4b:b7:69:45:6f:a3:
         bc:6d:9b:98:ee:39:83:a7:1b:13:d3:1f:7f:a1:4b:a7:dd:e2:
         92:a0:3d:1b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUAl0SRolDcYJxXgQWHfqjN09SQ8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjk2OUIzMDA5NjY1MjI0NTQxRDMyMjA2OEM5RTM0NDRD
NzhGOTBGOTAeFw0yNTA3MTIwNjU1MDBaFw0yNjA3MTEwNzAwMDBaMDMxMTAvBgNV
BAMTKDdDNzdCNEFDRURGODA1MzE0RDlGQTk5MjNFOTlDMkRCRkUzMjUyNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRafNjScT8lyFCpCe/RwCIWvMp
bjawpKJspyui8bM6faCWH74YqfusUwt7mK/4Tk/3Y1p5j5I4wuFqcQ9q4SDPoW4e
gqwIvI3KuttQmM/zys4iudll3lQETpVHvgyBcCLNAOydd9yZVCH+EfxSQxg62ctI
z/jpAwMzC6mD4bpDmx78zR7uRHTEqpGo+ZIv/0jBiGrxt14cETWnwM5n9zdPaBU5
Gopaz4EsolFcu9Tw08SorXasGxuKLe9M/1JS5iJK3DUij9nByqJDV+n75P1PeM2Z
F1dz+lMz8wJmaincRNC5z7OZEn32u6Lo/gjeYc+ezd07Aj6dkGn6oBlAe8R7AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUfHe0rO34BTFNn6mSPpnC2/4yUnAwHwYDVR0j
BBgwFoAUaWmzAJZlIkVB0yIGjJ40RMePkPkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
OWVlYmY3Yy1mZTM4LTQ2YTktODMxMS1lMDUzZmNhNTBkZmQvMC82OTY5QjMwMDk2
NjUyMjQ1NDFEMzIyMDY4QzlFMzQ0NEM3OEY5MEY5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjk2OUIzMDA5NjY1MjI0NTQxRDMyMjA2OEM5RTM0NDRDNzhG
OTBGOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk5ZWViZjdjLWZlMzgtNDZhOS04
MzExLWUwNTNmY2E1MGRmZC8wLzMyMzQzMDM1M2E2MzM0MzQzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzOTM5MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFxEAwDQYJKoZI
hvcNAQELBQADggEBAGptfZwfGNHwrYvVSfeEb/XmBSqCl5GJ2Yh+Y9Q22AK0/DBW
wR3aAJOH+9roVRLx5fVwNqk23EP0eZjDWfD5Bv8KKjKK6ZybcFCwQGbG5NPLAYQe
KRB9mw0EbI7B5hfhgzsXQjkcxBpDz+S4Pm5qy78FLygAQ/qUjmi0VZn87DDFgVyJ
nXat0XrYrKiLzi0GIkv/fZb5mvkad9fFVdDHtJ++Qk3G4izkWnu81v9LVPnbrnlr
BlZ7tEyARNlOXLYXvvFx5kLmXQXIOjbBN6nQCF1RSzICvqiL7YMNSFV3mzt5DImV
Qku3aUVvo7xtm5juOYOnGxPTH3+hS6fd4pKgPRs=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:50:38 2025 by rpki-client